Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/TrhuVvahKY3-b80GYFxCnrQ8QS4.roa
File: TrhuVvahKY3-b80GYFxCnrQ8QS4.roa (raw, json)
Hash identifier: kOyeqbDSpHBW5UPCfmHs0wd+BA3VXwJ51dObS7FSWQw=
Subject key identifier: 4E:B8:6E:56:F6:A1:29:8D:FE:6F:CD:06:60:5C:42:9E:B4:3C:41:2E
Certificate issuer: /CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Certificate serial: 018CABCEAED53781F59100B4F1C8DB9CA06D
Authority key identifier: 5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/TrhuVvahKY3-b80GYFxCnrQ8QS4.roa
Signing time: Wed 27 Dec 2023 15:04:58 +0000
ROA not before: Wed 27 Dec 2023 15:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 174
IP address blocks: 2a12:b3c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:ce:ae:d5:37:81:f5:91:00:b4:f1:c8:db:9c:a0:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e0ff8aaf7453114147028d54ae1c693a8a147bc
Validity
Not Before: Dec 27 15:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4eb86e56f6a1298dfe6fcd06605c429eb43c412e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:bd:b8:92:19:00:c7:8f:5b:a1:8e:a3:da:04:
9e:00:d9:cf:ab:6e:12:46:b8:e7:e7:7b:a3:c2:a2:
ed:27:7a:b8:cc:a0:dc:4a:83:cb:11:6e:2c:22:43:
19:46:9a:d2:2e:41:8f:64:77:94:de:e0:45:98:51:
38:c8:52:9e:51:18:14:8c:5b:e5:4f:e7:31:74:4f:
50:d2:53:e0:43:38:b2:98:bf:76:3d:78:f3:11:b1:
cd:76:70:90:b5:ff:21:cd:68:17:9a:b2:d6:84:cf:
6c:b8:75:bf:ad:87:30:f2:82:af:14:55:7a:0e:71:
9b:d1:08:a1:13:0e:78:77:30:c3:35:a4:ca:fc:68:
59:46:23:1b:ce:fb:14:68:0b:09:bd:2b:86:7b:c3:
37:95:d1:02:a8:1b:f1:bc:8c:38:bb:97:42:2f:d2:
fb:3f:89:0d:f9:76:e0:56:68:33:dd:7f:1a:2e:8d:
43:f4:93:51:66:ba:c1:40:d0:b1:bf:de:d9:cd:8c:
b6:2b:ef:15:8c:8b:73:6c:fd:7a:a4:00:0b:f2:87:
1c:d4:1e:ab:15:22:8f:1a:a6:90:f9:ae:1f:e1:de:
7c:16:6a:d0:37:be:37:83:01:48:6b:17:c9:51:7f:
0f:42:d7:ba:96:11:81:7f:7f:06:44:b8:f8:43:38:
52:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:B8:6E:56:F6:A1:29:8D:FE:6F:CD:06:60:5C:42:9E:B4:3C:41:2E
X509v3 Authority Key Identifier:
keyid:5E:0F:F8:AA:F7:45:31:14:14:70:28:D5:4A:E1:C6:93:A8:A1:47:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/TrhuVvahKY3-b80GYFxCnrQ8QS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dd6e1d-abc9-473b-a91a-d8721375644a/1/Xg_4qvdFMRQUcCjVSuHGk6ihR7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:b3c0::/29
Signature Algorithm: sha256WithRSAEncryption
9e:87:c2:5f:74:a7:fe:f3:55:50:65:7a:c9:5b:f4:00:a6:19:
cb:e7:a6:ac:e5:24:5d:00:67:cb:7f:31:dd:62:21:22:a8:04:
32:4d:90:48:b4:f6:01:13:61:d6:73:81:0b:78:68:df:83:a6:
52:cc:cd:b6:2f:b5:22:f3:db:4d:e7:55:9b:8c:9a:80:65:ef:
21:35:6d:31:76:ec:e9:d0:b2:31:2e:88:7e:62:78:60:46:f8:
74:79:a6:2f:27:80:5b:cc:37:af:b6:ed:c3:0e:80:65:cc:35:
d8:c4:39:12:40:3f:9c:aa:42:9c:f9:9e:ca:b3:53:65:db:6d:
32:03:d0:d2:49:64:60:8d:bb:df:30:6f:bf:2f:98:5b:2e:79:
b9:a7:f0:68:04:0b:6d:e2:02:87:36:f9:e2:ba:16:64:93:bc:
0b:a9:58:93:a1:51:dd:44:ae:47:b2:e2:5d:81:23:73:3a:ee:
e2:34:96:df:ab:21:86:ce:8c:1d:da:34:45:3b:87:40:d4:30:
18:93:79:4e:94:e1:1c:f1:4d:f6:70:2f:2b:60:31:9c:47:55:
69:54:8b:77:f5:59:30:66:8c:9c:c5:56:65:12:da:82:71:29:
8a:10:c0:f3:b3:f9:65:21:d5:70:9e:63:b3:df:56:fa:60:4c:
00:5c:53:99
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYyrzq7VN4H1kQC08cjbnKBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMGZmOGFhZjc0NTMxMTQxNDcwMjhkNTRhZTFjNjkzYThh
MTQ3YmMwHhcNMjMxMjI3MTUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWI4NmU1NmY2YTEyOThkZmU2ZmNkMDY2MDVjNDI5ZWI0M2M0MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL24khkAx49boY6j2gSeANnPq24S
Rrjn53ujwqLtJ3q4zKDcSoPLEW4sIkMZRprSLkGPZHeU3uBFmFE4yFKeURgUjFvl
T+cxdE9Q0lPgQziymL92PXjzEbHNdnCQtf8hzWgXmrLWhM9suHW/rYcw8oKvFFV6
DnGb0QihEw54dzDDNaTK/GhZRiMbzvsUaAsJvSuGe8M3ldECqBvxvIw4u5dCL9L7
P4kN+XbgVmgz3X8aLo1D9JNRZrrBQNCxv97ZzYy2K+8VjItzbP16pAAL8occ1B6r
FSKPGqaQ+a4f4d58FmrQN743gwFIaxfJUX8PQte6lhGBf38GRLj4QzhSGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFE64blb2oSmN/m/NBmBcQp60PEEuMB8GA1UdIwQY
MBaAFF4P+Kr3RTEUFHAo1UrhxpOooUe8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEt
ZDg3MjEzNzU2NDRhLzEvVHJodVZ2YWhLWTMtYjgwR1lGeENuclE4UVM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9kZDZlMWQtYWJjOS00NzNiLWE5MWEtZDg3MjEzNzU2NDRh
LzEvWGdfNHF2ZEZNUlFVY0NqVlN1SEdrNmloUjd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhKzwDAN
BgkqhkiG9w0BAQsFAAOCAQEAnofCX3Sn/vNVUGV6yVv0AKYZy+emrOUkXQBny38x
3WIhIqgEMk2QSLT2ARNh1nOBC3ho34OmUszNti+1IvPbTedVm4yagGXvITVtMXbs
6dCyMS6IfmJ4YEb4dHmmLyeAW8w3r7btww6AZcw12MQ5EkA/nKpCnPmeyrNTZdtt
MgPQ0klkYI273zBvvy+YWy55uafwaAQLbeIChzb54roWZJO8C6lYk6FR3USuR7Li
XYEjczru4jSW36shhs6MHdo0RTuHQNQwGJN5TpThHPFN9nAvK2AxnEdVaVSLd/VZ
MGaMnMVWZRLagnEpihDA87P5ZSHVcJ5js99W+mBMAFxTmQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:11 2024 by rpki-client on console-fra.rpki-client.org